JPH09153014A - Terminal equipment for electronic network - Google Patents

Abstract

PROBLEM TO BE SOLVED: To complete the confirmation of a sender or receiver at the time of information transmission or reception and make the security of information complete by ciphering information with a common key of a chaotic random sequence of numbers based upon an initial value each time the information is sent, and deciphering it on a reception side with the common key of the random sequence of numbers based upon the same initial value. SOLUTION: A communication control part 1 controls a communication according to a specific protocol and a ciphering/deciphering part 11 ciphers or deciphers information according to the common key. A chaos engine 3 generates the invariably chaoslike random sequence of numbers with a discrete dynamics system function by using the initial value or alteration command value is inputted each time it is inputted. An IC card 13 stores the chaoslike random sequence of numbers as the common key for ciphering and deciphering and stores one of sequences of real numbers used for the random sequence generation as an initial value. Then a monitor part 5 inputs a command value for changing the random sequence to the chaos engine 3 at every break of sent or received information and outputs the stored common key to the ciphering/deciphering part 11, and also supplies the initial value to the chaos engine 3.

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention improves communication security and information security, which are indispensable requirements when conducting, for example, product transactions (electric commerce: EC) using the Internet, which is an open network. And a terminal device of an electronic network for realizing a digital signature.

[0002]

2. Description of the Related Art For example, when communication is performed using the Internet, which is a type of open network, it is necessary to confirm the identity, prevent data leakage, prevent interception of communication, prevent data destruction and tampering, and prevent system damage. In order to devise various security technologies.

Particularly in the electronic commerce, when considering the realization of electronic settlement, electronic signature and digital cash, the security is not yet perfect.

Encryption and decryption techniques have long been well known as means for achieving this.

Information in a format that can be read by us is called "plain text", and information in a format that cannot be read by others is called "cipher text".

[0006] Generally, an encryption table and a decryption table are provided,
Information sent to the communication system is encrypted and information from the communication system is decrypted using these tables. Further, in recent technology, in addition to this, a device for controlling the encryption table and the decryption table by using information called "key" and conventional encryption has been made. A technology that combines these technologies and proves that "this is a document that I have created" is called a digital signature.

[0007]

However, in the case where such an encrypted communication system can be used only for a specific limited number of people, for example, in the case of military, this conventional method may be customized. However, if it becomes an open network where everyone shares a communication system, that is, an inside, it will be very difficult to understand what it will be like.

That is, since the communication system consisting of the encryption table, the decryption table, and the conventional encryption for opening it is shared by all, it is no wonder that someone who breaks the security mechanism comes out. In other words, security and openness are inherently a trade-off.

In other words, we are seriously considering "encryption that anyone can read".

The above conclusion can be reached if the security issues are strictly covered, but aside from this essential point of view, it was devised in advance in response to the EC's request to manage online shopping. It was an encryption technology called "public key method".

In this system, the encryption key and the decryption key are different, and the encryption key is "substituted" in the network. And the other key is the "private key"
As a result, only the parties can use it properly.

[0012] When sending certain confidential information from "Mr. A" to "Mr. B", the public key of the recipient "Mr. B" is first transmitted from "Mr. B" to "Mr. A". .

At this time, since the "public key" is transmitted, it is called public.

"Mr. A" encrypts using this "public key" and sends the ciphertext to Mr. B.

The received Mr. B decrypts with his own private key. Even if there is an eavesdropper, it is safe because you can only get the public key. The term "safe" here means that it is safe in practice (for example, it takes years for a supercomputer to decrypt it), but it is not safe in theory.

The reason is that both keys must satisfy the orthogonal condition (relationship between front and back) mathematically.
The problem is that it is theoretically possible to deduce the private key from the public key.

It is said that such conventional security technology costs 600 billion dollars a day for financial work, for example, forex trading, but it is natural to point out that such money flow work cannot be entrusted.

However, the Internet has an attractiveness that has never been achieved. It is a world of openness and self-responsibility, also called the Internet "democracy". This is the needs of the times.

The present invention has been made in order to solve the above problems, and it is a terminal of an electronic network that completely confirms the identity when transmitting and receiving information using the electronic network and that completes the security of information. The purpose is to obtain the device.

[0020]

According to a first aspect of the present invention, when information is transmitted and received in a terminal device of two or more electronic networks which perform two-way communication via the electronic network, it is based on a predetermined communication protocol. A communication control unit that controls communication, an encryption / decryption unit that encrypts or decrypts information based on a common key, and a discrete dynamic system function using these values each time an initial value or a change command value is input. A chaotic engine that always generates a chaotic random number sequence, and a real number sequence used to generate a random number sequence while storing the chaotic random number sequence as a common key for encrypting or decrypting information. One of the above is stored as an initial value, and the transmission / reception information is monitored, and a change command value for changing the random number sequence is input to the chaos engine for each division of the information , The common key stored output to the encryption / decryption unit, and is summarized in that with each means for providing an initial value to chaos engine.

According to a second aspect of the present invention, when the mutual terminal devices authenticate the parties, the common keys stored therein are exchanged by using the communication control unit as a party authentication key at the time of establishing the connection and stored. The present invention is provided with a means for comparing the received party authentication key and the received party authentication key to determine whether the party is a valid communication partner. According to a third aspect of the present invention, mutual terminal devices store the common key and the initial value in a storage medium, and the storage medium sends the stored common key and the initial value to the monitoring unit while the chaos engine is running. And

According to a fourth aspect of the present invention, the chaotic engine of the mutual terminal devices pushes out a predetermined number of chaotic random number sequences based on the change command and discards them, and adds a new change number sequence of the same number as the pushed out number. The point is to output a random sequence.

According to a fifth aspect of the present invention, in order to realize a digital signature of an electronic check or a digital cash issued on the Internet, a random number sequence output from a chaos engine is used as a conventional cipher, and the digital cash is issued at the same time when the digital cash is issued. While storing the code in the issuing bank,
When the digital cash is transferred from the issuer to the terminal or from the terminal to the terminal, the conventional cipher is re-encrypted with the chaos common key used for communication and transferred, or when stored in the terminal, output from the chaos engine on the terminal side. The gist is to re-encrypt and store the conventional encryption with a random number sequence (chaos key).

[0024]

BEST MODE FOR CARRYING OUT THE INVENTION The above-mentioned relationship of "tradition" and "trade-off" cannot be solved by simply devising a means. We have to change the way we think about security. The idea will be extended below, and the structure of the present invention will be described thereafter.

For example, suppose that the parties A and B are now exchanging information using a common key, and the common key An of the party A and the common key Bn of the party B are: An = Bn = [0110010 ... …]

Now, it is assumed that the common key An of the party A is changed to An → An ′ and the common key Bn of the party B is simultaneously changed to Bn → Bn ′ by some trigger.

It is desirable that this change be done without exception, without any statistical property.

In other words, An → An '→ An
It is being changed one after another, but what if the contents are completely disordered (chaotic state)?

For example, An = Bn = [0110010 ...
…] → [1000110 ……] → [1111000 ...
…] …… and so on.

That is, it is equivalent to saying that the encryption book and the decryption document owned by the parties A and B change during communication, and that they also change with infinite variations.

Now, a brief description will be given of how the common keys of the parties A and B, which are separated from each other, change chaotically in synchronization.

As mentioned above, the common key is changed by some kind of trigger, but if there is information on the changed contents in this trigger and it flows on the network, a third party can also make the same common key. As such, it is not possible to include changes in a trigger.

Therefore, a signal carrying other information is used as a synchronization signal, for example, 1 data link establishment / release 2 application layer data format delimiter 3 application start / end is used as a synchronization signal.

Now, considering these as a network system, let's assume that the communication protocol (protocol) is set so that the common key is automatically updated when the network is released (when the application is terminated).

Next time, when the same party A and then person B authenticate each other, the last common key will be exchanged and the session will be entered.

At this time, the exchanged common key may be "whole-looking" on the transmission path. Because, by exchanging the common key, the person's authentication is instantaneously performed in an auto-matching manner, while if they match, the common key is immediately updated randomly by both parties A and B. This is because it is sufficient to define (protocol).

Barrier at this time (security wall)
Will be described in detail.

A Common Key This is a random bit string (for example, 40 or more).
Even if a third party knows this, it is impossible to specify the state of the chaotic engine in order to estimate the next bit string.

This is because the mechanism for generating a random bit orbit from a chaotic real number orbit is a perfect one-way function.

B Synchronization Trigger Signal from any layer of the application from the data link. For example, in the upper layer, a data delimiter is used as a trigger for synchronization, but there is a large headline, a small headline, a stage, etc., and one of them is not determined. In other words, the update timing depends on the event of each communication.

C Method of updating bit string of common key: Only one bit is changed to the Tokoro point method, all bit strings are pushed out, or in the meantime, etc. This is also left to the case-by-case promise.

D Time series contents of the common key, which always changes chaotically.

As can be deduced from the above, (I) Even if the protocol is made public, no clues for decryption can be obtained.

(II) Communication is not possible even if the common key is handed to a third party (abnormal interruption).

(III) Even if the parameters of the function happen to match (the number of parameters is innumerable), they do not match because the common key history is different.

(IV) Even if the parameters of the function (for example, stored in an IC card or the like) are obtained, the history of the common key cannot be simulated.

That is, according to the present invention, the common key shared only by the parties has conventionally been a conventional cipher that should not change, let alone the first common key and the current key that change during or after communication. It was out of the question that and did not match.

However, in the present invention, the common key is constantly changed in every process and layer of communication.

Moreover, the online parties are provided with a mechanism in which the common keys are chaotically disordered and coincide with each other.

That is, in this mechanism, the idea of controlling a non-deterministic random process with a deterministic function to make a common key and the common key chaotically change
It consists of two pillars that do not allow people to pursue.

To summarize the above, 1. The terminal of the person skilled in the art of the client / server of the open network (Internet) is respectively regenerated 2. The random number sequence of the corresponding number of bits is generated and updated by the discrete dynamical system function set in the chaotic state. A software engine (hereinafter referred to as a chaotic engine) for controlling the chaotic engine and an input variable for controlling the chaotic engine. 3. Also, in order to control the generation and update of the random number sequence in synchronization, a communication information monitoring unit is provided. The delimiter signal of various data generated in the communication process is used as a synchronization signal to enable the synchronous control of the processes of both terminals.

4. Therefore, the constantly updated random number sequence is used as the common key of the client / server (hereinafter referred to as chaos / common key). The present invention is constructed based on the above concept.
A specific configuration of the present invention will be described below with reference to FIG. Also, the initial value that is a parameter for starting the chaos engine may be exchanged online using the public key method, but (a) in this example, the initial value is registered in the IC card that is the storage medium, By exchanging this IC card by both parties, a transaction can be made only by the party carrying the IC card.

(B) When exchanging the initial value which is the parameter for starting the chaos engine on-line using the public key method, the public key is used only once but not thereafter.

When a large continuous transaction is contracted, a relatively small capricious transaction in (a) may be dealt with in (b).

FIG. 1 is a schematic configuration diagram of a terminal device of the network system of the present invention. The terminal device of the network system of FIG. 1 includes a communication control unit 1 and a chaos engine 3.
Each terminal includes a monitoring unit 5, an e-commerce client unit 7, a trajectory change instruction unit 9, an encryption / decryption unit 11, and an IC card 13.

The communication control means 1 uses TCP (Transm).
session control protocol) /
Transmission of information is controlled by IP (Internet Protocol).

The chaos engine 3 has the function xn + 1 = F (xn) of the discrete dynamical system controlled in the chaos region expressed by the following equation, and when the initial value xo of the IC card 13 is input,
A random real number trajectory xn (xn: x1, x2, x3, ... xn) is generated in accordance with the instruction value of the trajectory change instruction unit 9, and at the same time, a random bit trajectory kw (kw: w1) as a one-way function. , W2, w3, ... wn) are output,
I through the monitoring unit 5 and the e-commerce client unit 7
It is stored in the C card 13.

After that, based on the real number trajectory xn of the IC card 13 and the instruction value of the trajectory change instruction section 9, a new real number trajectory value xn + 1 and a new bit trajectory kw are generated and stored in the IC card 13. Let

The function xn + 1 = F (x of this discrete dynamical system
n) is "Chaos and fractal BLUE BACKS
January 25, 1995 Kodansha Masaya Yamaguchi P12-
2 or 3 as described in "P140", the function in which the graph is folded into a mountain shape is used.

For example, the orbital value of this function in FIG. 2 does not converge as shown in FIG. 4, and is uniformly disturbed.
The broken line in FIG. 2 means the functional form that produces it.

The chaos engine 3 has an initial value xo (0 <x
With the input of o <1) or xn (0 <xn <1), the real trajectories xn (xn: x1, x2, x3, ... Xn) and the new real trajectories xn + j are generated, and the condition of the equation 1 is satisfied. formula

(Equation 1) Based on the real number orbit (xn or xn + j) 0 or 1
Bit orbit kw (w1, w2, w3, ... w
n) or a new bit trajectory kw + j is generated and output. This number 1 is a perfect one-way function.

Therefore, by providing such functions with each other,
If the initial value of the function is common, it will be disturbed with movement,
And the value is the same at both ends.

Also, this new bit trajectory kw + j is
The predetermined number of bits in the bit trajectory kw generated according to the instruction value of the trajectory change instruction unit 9 is pushed out.

For example, when the chaotic engine 3 inputs an OFFER (J) indicating how many pieces are pushed out from the trajectory change instructing section 9, the OFFER from the oldest bit trajectory kw.
(J) is extruded, gen (J) is added, and a new bit trajectory kw + j (hereinafter simply referred to as a new bit trajectory kw
Is generated and output. Therefore, the bit trajectory from the chaos engine 3 is very complicated. However,
Nothing is pushed out when the party authentication key for starting communication is sent.

When initializing the chaos engine 3, the monitoring unit 5 first passes the initial value xo of the IC card 13 to the chaos engine 3, and registers the bit trajectory kw generated by the chaos engine 3 in the IC card 13. Then, the bit trajectory kw is taken out again and passed to the communication control unit 1 as the party authentication key kw.

Then, during communication, this value Jn is obtained according to a rule that determines how many bit trajectories kw are pushed out for each information division, and is output to the trajectory change instructing section 9.

Further, the IC card 13 stores the real number trajectory xn generated by the chaos engine 3 and the new bit trajectory kw.

Further, when a request for connection is made from the other party, the party authentication key kw of the other party and the party authentication key k fetched from the IC card 13 in the communication control unit 1.
When w is compared and they match, the connection is established.

Then, the number of bit trajectories to be pushed out is determined for each division of the received information, and this value Jn is output to the trajectory change instructing section 9. This value Jn is determined on a case-by-case basis.

At this time, the real number orbit value generated by the chaos engine 3 and the bit orbit in the chaotic state are stored in the IC card 13.

When transmitting information, the e-commerce client section 7 displays a message on the display section 15 for designating a communication partner and inserting the IC card 13. Then, when the IC card 13 is inserted, the key board 17 is operated, the communication partner is designated, and the line is connected to the communication partner, the IC card 13 starts the initial value and the bit trajectory k.
The w is read and passed to the monitoring unit 5.

Further, the real number trajectory xn + j from the monitoring unit 5
And the bit trajectory kw are stored in the IC card 13.

The trajectory change instruction unit 9 transfers the instruction value (Jn) generated by the monitoring unit 5 to the chaos engine 3.

When transmitting / receiving information, the encryption / decryption unit 11 receives chaos / error from the monitoring unit 5.
Encryption or decryption is performed based on the common key KW.

The IC card 13, as shown in FIG.
Real number trajectories xn, xn from the commerce client unit 7
Shift register 2 in which + j is stored as the latest orbital value
0 and an initial value sending means 22 for sending the previous orbit value of the shift register 20 as an initial value xn.

Further, the shift register 24 in which the latest bit trajectory kw generated by the chaos engine 3 is stored, and the previous bit trajectory kw of the shift register 24 is set to the party confirmation key kw or chaos / common for encryption / decryption. It has a chaos key transmitting means 26 for transmitting as a key kw.

The operation of the terminal device of the network system configured as described above will be described below. 6 and 7
Is a flowchart explaining the entire operation at the beginning at the time of transmission. Further, in this description, the program between the e-commerce client unit 7 and the communication control unit 1 will be referred to as i
It is called sp (Internet Security Protocol).

The e-commerce client unit 7 retrieves the initial value xo (also called seed) from the IC card 3 and is
It is sent to p (S601) and is output to the chaos engine 3. It is indicated by in FIG.

The chaos engine 3 uses the initial value xo,
A real trajectory xn (xn: x1, x2, ... Xn) is generated (S603), and a bit trajectory kw (kw: w1,
w2, ... Wn) is generated (S605). In FIG.
Is shown as.

Next, the chaos engine 3 sends the generated real number trajectory xn and the bit trajectory kw to the IC card 13 via the E-commerce client unit 7 and again retrieves it as the party authentication key kw to the monitoring unit 5 (S607). ). In FIG. 1, it is indicated by.

The monitoring unit 7 passes the party authentication key kw as data to the TCP / IP which is the communication control unit 1 in order to exchange the party authentication key kw with the server on the other side (S609). Next, the communication control unit 1 (hereinafter simply TCP1
7), as shown in FIG. 7, the party authentication key kw sent from the other server is passed to isp (S70).
1).

Isp is the party authentication key k of the client.
It is determined whether w and the party authentication key kw of the server on the other side match (S703). If they match, TCP1 sends an ACK signal to the server on the other side (S703).
705).

That is, by exchanging the party authentication key kw of the IC card 13 in place of the password or the like,
Confirming the parties.

Then, the chaos engine 3 sends the new real number trajectory Xn + j to the IC card 13 (S707). FIG.
It is indicated by.

Next, the processing of party authentication will be described in detail. FIG. 8 is a flowchart for explaining the processing of the party authentication.

First, the e-commerce client unit 7 displays a message on the display unit 15 for designating the customer name from the key board 17 (S801).

Next, isp requests TCP1 to connect to the server on the other side (S803). Next, when the isp completes the 3-way handshake, it immediately takes out the bit trajectory kw as the party authentication key kw from the IC card 13 (S805). It is shown as in FIG.

Then, isp requests TCP1 to send the party authentication kw as data (S80).
7). Next, the client of the terminal A and the server of the terminal B on the other side compare the received party authentication kw with the party authentication kw of the IC card 13, and if they match, send ACK to each other (S809). . Needless to say, the parties will not be admitted if they do not match.

Next, the content encryption / decryption processing will be described. 9, 10 and 11 are flowcharts for explaining the process of encrypting / decrypting the content. First, it is determined whether the party authentication is completed (S90).
1).

Next, when it is judged that the party authentication is completed, E
The commerce / client section 7 requests the user's input and waits (S903).

Next, it is determined whether or not there is untransmitted information (S905), and if there is untransmitted data, the isp is requested to encrypt the data (S907). For example, a request is made to encrypt the amount of money, the account number of the other party, the name of the payout, etc.

Next, isp issues OFFER (J2) to the chaos engine 3 (S909). This OFFER
(J2) may be, for example, the number of push-outs at the time of releasing or establishing the connection, or the number of push-outs at the time of dividing the data.

Then, the chaos engine 3 generates a new bit trajectory kw (hereinafter referred to as update kw) and outputs it to the monitoring unit 5 (S911). It is indicated by in FIG.

Next, the isp takes out the updated kw from the IC card 13 as the chaos / common key kw for encryption / decryption and encrypts the data (S913).

That is, the chaos / common key kw is passed to the encryption / decryption unit 11 to encrypt the data. It is indicated by in FIG.

Next, isp is TC as shown in FIG.
A transmission request is issued to P1 (S1001). Then, the ACK indicating the completion of transmission is received (S1003). Next, isp issues OFFER (J2) to the chaos engine 3 (S
1005). The chaos engine 3 generates the updated kw and outputs it to the monitoring unit 5 (S1007).

Next, it is determined whether or not there is encrypted data received from the server on the other side (S1009). If there is encrypted data, isp is the latest chaos / common key kw.
Is taken out from the IC card 13 and the data is decrypted (S1011).

Then, as shown in FIG. 11, step S
The IC card 13 holds the latest update kw obtained in 1007, which has never been used (S110).
1). That is, the latest chaos / common key kw is held. Next, isp instructs TCP1 to release the connection (S1103).

If it is determined in step S1009 that there is no encrypted data received from the server, the process returns to step S905 in FIG.

Furthermore, when it is determined in step S905 that there is no untransmitted data, the process proceeds to step S in FIG.
Return to 1101.

That is, the embodiment shown in FIG.
A communication control unit 1, a chaos engine, a monitoring unit 5, an e-commerce client unit 7, an orbit change instruction unit 9,
The encryption / decryption unit 11 and the IC card 13 are provided, and when sending information to the other party, the IC cards 13 are exchanged with each other, and after confirmation of the other party by the password, the party authentication key of the IC card 13 of each other. When kw matches, it is a party.

When information is transmitted / received, the bit orbit of the chaos engine 13 is set to chaos / common key kw for each division of information, and the information is encrypted or decrypted based on this chaos / common key kw. .

Therefore, since the chaos / common key changes in synchronization with each other in the communication process in the network, (I) Even if the protocol is made public, no clues for the decryption can be obtained.

(II) Communication is not possible even if the common key is handed to a third party.

(III) Even if the parameters of the function happen to match (the number of parameters is innumerable), they do not match because the chaos / common key history is different.

(IV) Even if the parameters of the function are obtained, the history of chaos / common key cannot be simulated.

Thus, the trade-off is achieved at a high level.

Next, a case where the present invention is applied to an electronic check will be described with reference to FIG. This is also an application example of a digital signature.

(Explanation of Buyer Side) As shown in FIG.
It is assumed that the buyer 30 (Mr. C) purchases the product of the seller 32 (S company), and in order to pay the price, the bank 34 (issues an electronic check as shown in FIG. 13 in which the amount equivalent to the price is described. BANK JAPAN).

At this time, the image screen of the check as shown in FIG. 13 appears on the display section 15 of the terminal of the buyer 30 (Mr. C), and the buyer 30 (Mr. C) operates the keyboard 17 (or the light pen). Then, enter the amount of money, the name of the sender, the date, etc., and request the issuance of banknotes via the Internet.

(Explanation on the side of the bank 34) The silver item 34 performs the following procedure after confirming that the amount requested by the buyer 30 does not exceed the savings amount.

(1) The requested amount is secured by the buyer's 30 account.

(2) Complete the flat portion of the electronic check.

The items are: ・ Amount ・ Payout name ・ Date ・ Bank name (3) Digitally sign plaintext; The procedure is to compress plaintext (using one-way hash function) to encrypt compressed data . This encrypted data is called an "authenticator."

As the encryption key at this time, a random number sequence generated by the chaos engine of the bank is used.

Since this can also serve as NO for banknotes, the bank stores this NO as a copy. This is called the "root chaos key".

Plaintext and Root Chaos Key and "Authenticator"
The composite data composed of these three types of data will be called a "digitally signed electronic check".

(4) The "digitally signed electronic check" is encrypted by the common key of the bank 34 and the buyer 30, that is, the chaos common key BC, and transmitted to the buyer 30. This encrypted data is called "value data".

(Description of Buyer 30 Side) (1) Value data is decrypted by the chaos device key BC.

Then,

(Equation 2) (2) The plaintext of (1) is data-compressed by the one-way hash function. This is compressed data a.

(3) The authenticator is decrypted by the root chaos key of (1). Then, the compressed data obtained again is designated as b.

(4) Next, with a = b, it is recognized as an electronic check issued by the bank 34.

That is, comparison was made at the level of compressed data.

Here, the reason why the one-way hash function is used is that the data compressed by this cannot be restored to the original data, so that it is confirmed that the illegal rewriting in the terminal is prevented. .

Since only the chaos common key BC of this terminal can decrypt this value data, it is a key for uniquely proving possession of the value data.

This is called the "Cinderella key" of this terminal.

(5) Remittance of Value Data to Seller 32 (Company S) The conventional cipher at this time is the chaos common key CS.

(6) Then, after remittance, the chaos common key CS
Is changed to CS '.

(Explanation of Seller 32 Side) (1) The Cinderella key of the seller 32 is CS.

By this, the same procedure as the previous section (the same procedure as the buyer side 30) is performed.

(2) Request the bank 34 for settlement.

The conventional cipher at this time is the chaos common key SB.

(3) After transmitting the request, the chaos common key SB is changed to SB '.

(Explanation on the Bank 34 Side) (1) Cinderella The key is SB. By doing this, the same procedure as the preceding paragraph (the same procedure as that of the buyer 34) is performed, and it is confirmed that it is an electronic check issued by the bank itself. (It is also checked with the root chaos key that it is not used twice.) (2) Settle the amount of money transferred from the C account to the S account.

What kind of security can be realized by the above procedure is that the authentication of the parties is prevented, the theft is prevented from being rewritten, the double use is prevented, and the double settlement is prevented by the root chaos key.

Digital signature: proof of family name.

The above items (1) to (8) are realized by claim 5.

In addition to this, in order to realize the same handling as ordinary cash, anonymity; it is not possible for the bank to know who issued it.

Distribution is made between unspecified majority without intervening banks.

It is possible to prove ownership of value data.

Credit creation called deposit can be performed.

[0142]

[Outside 1] The above 10 items must be realized.

Even in the conventional encryption technology, ...
,, can be realized conditionally. The condition is a restriction that it is limited to the distribution between the bank, the seller and the buyer as shown in FIG.

[0144]

[Outside 2] Depending on the method (design), it is possible to meet all these conditions, but with the realization of digital signatures,
This is an example.

[0145]

As described above, according to the first aspect, every time information is transmitted, the information is encrypted by the common key of the chaotic random number sequence based on the initial value and is transmitted through the electronic network. Each time it is transmitted to the receiving side, and the receiving side receives information from the transmitting side, it decrypts it with a common key of a chaotic random number sequence based on a similar initial value.

Therefore, both terminals having the same initial value can decrypt and communicate, but on the electronic network, the third party collects the transmission information for a long time and collects the transmission information. Even if an attempt is made to decipher, the cipher pattern is infinitely changed, and the effect is that deciphering is impossible.

Even if the initial value happens to fall into the hands of a third party, the initial value changes chaotically every time, so the initial value at the present time cannot be estimated, and therefore decoding is impossible. .

According to the second aspect, when confirming whether the party can use the information stored in this device, the chaos / common key of the transmitting side and the receiving side is used as the party authentication key, When they match, the use is allowed, so the authentication is greatly simplified and the effect is perfect.

Since the party authentication key changes at the end of communication with both the sender and the receiver, even if the party authentication key is passed to the third party, the third party will authenticate the party thereafter. You cannot use the information on this device with a key.

According to claim 3, the common key and the initial value are
Since it is stored in a storage medium or the like, the person holding this storage medium becomes a party, and it is possible to carry out commercial transactions independent of the terminal, and at the same time, security is improved.

According to the fourth aspect, the chaotic engine pushes out a predetermined number of chaotic random number sequences according to the communication situation and outputs a new random number sequence to which the changed number sequence of the pushed out number is added, so that there is a chance and the security The effect of further improving is obtained.

According to claim 5, a digital signature is realized for the first time by a common key method that is not based on the public key method.

This digital signature system is universal enough to realize the attributes of bills.

The common key method also has the advantage that the system is simple and the processing speed is on the order of milliseconds.

[Brief description of the drawings]

FIG. 1 is a schematic configuration diagram of an embodiment of the present invention.

FIG. 2 is an explanatory diagram illustrating a discrete dynamical system function.

FIG. 3 is an explanatory diagram illustrating a discrete dynamical system function.

FIG. 4 is an explanatory diagram illustrating a discrete dynamical system function.

FIG. 5 is a configuration diagram of an IC card.

FIG. 6 is a flowchart illustrating an operation at the initial stage.

FIG. 7 is a flowchart illustrating an operation at an initial stage.

FIG. 8 is a flowchart illustrating details of party authentication.

FIG. 9 is a flowchart illustrating content encryption / decryption.

FIG. 10 is a flowchart illustrating content encryption / decryption.

FIG. 11 is a flowchart illustrating content encryption / decryption.

FIG. 12 is an explanatory diagram illustrating communication in a digital cache.

FIG. 13 is an explanatory diagram illustrating an electronic check screen in a digital cash.

[Explanation of symbols]

 1 Communication Control Section 3 Chaos Engine 5 Monitoring Section 5 7 E-Commerce Client Section 9 Orbit Change Section 11 Encryption / Decryption Section 13 IC Card

─────────────────────────────────────────────────── ─── Continuation of the front page (51) Int.Cl. ⁶ Identification number Office reference number FI technical display location H04L 9/32 H04L 9/00 673B

Claims (5)

[Claims] 1. In a terminal device of two or more electronic networks that perform two-way communication via an electronic network, when transmitting and receiving information, a communication control unit that controls communication based on a predetermined communication protocol, An encryption / decryption unit that encrypts or decrypts the information based on a common key, and each time an initial value or a change command value is input, a chaotic random number sequence is always generated by a discrete dynamic system function using these values. A chaotic engine to be generated, the chaotic random number sequence are stored as a common key for encrypting or decrypting the information, and one of the real number sequence used to generate the random number sequence A means for storing the value as a value, and the chaotic engine for monitoring the transmission / reception information and changing the random number sequence for each division of the information. And inputs and outputs the common key that is the stored in the encryption / decryption section, and a terminal device for an electronic network, wherein each having means for providing the initial value to the chaotic engine. 2. The mutual terminal devices exchange the common keys stored in each other when authenticating the parties, and use the communication control unit as a party authentication key when establishing the connection, and the stored common keys are stored. 2. The terminal device of the electronic network according to claim 1, further comprising means for comparing the party authentication key with the received party authentication key to determine whether the party is a legitimate communication partner. 3. The mutual terminal devices store the common key and the initial value in a storage medium, and the storage medium sends the stored common key and the initial value to a monitoring unit while the chaos engine is running. The terminal device of the electronic network according to claim 1, wherein 4. The chaotic engine of the mutual terminal devices pushes out a predetermined number of the chaotic random number sequences based on a change command, discards them, and adds a new change number sequence of the same number as the pushed out number. The terminal device of the electronic network according to claim 1, 2 or 3, wherein a random number sequence is output. 5. A random number sequence output by a chaos engine is used as a conventional cipher to realize a digital signature of an electronic check or a digital cash issued on the Internet, and the conventional cipher is issued at the same time when the digital cash is issued. When the digital cash is transferred from the issuer to the terminal or from the terminal to the terminal at the same time as being stored in the bank, the conventional cipher is re-encrypted with the chaos common key used for communication or transferred, or stored in the terminal An electronic network terminal device for a digital cache, characterized in that the conventional cipher is re-encrypted and stored with a random number sequence (chaos key) output from a chaotic engine on the side.